Rollback-Safe Sync Workflow
This workflow turns sync from a risky action into a controlled change process.
4-Step Pattern
flowchart LR
A[Preflight Checks] --> B[Dry Run Review]
B --> C[Execute with Backup Dir]
C --> D[Post-Check + Rollback Plan]
Mapping
Preflight Script
preflight.sh
test -d /srv/site || { echo "missing source"; exit 1; }
test "$(ls -A /srv/site | wc -l)" -gt 0 || { echo "source empty"; exit 1; }
rclone lsd remote-prod:site >/dev/null
Execution Script
execute-safe-sync.sh
rclone sync /srv/site remote-prod:site/current \
--dry-run --log-file /var/log/rclone-dryrun.log
rclone sync /srv/site remote-prod:site/current \
--backup-dir remote-prod:site/rollback/$(date +%F-%H%M) \
--delete-after \
--log-file /var/log/rclone-exec.log
rclone check /srv/site remote-prod:site/current --one-way
Rollback Command Pattern
rclone copy remote-prod:site/rollback/2026-02-11-0100 remote-prod:site/current --progress
tip
Store dry-run and execution logs together with job IDs. This makes incident review much faster.
Common Pitfalls
| Pitfall | Outcome | Prevention |
|---|---|---|
| No preflight checks | Sync from empty source | Fail fast before transfer starts |
| No rollback folder naming standard | Recovery confusion | Use timestamped rollback paths |
| No post-check | Incomplete success signal | Add rclone check for critical paths |